IT Security Engineer - Enterprise Security

As an IT Security Engineer, you will work closely with infrastructure, network, cloud, endpoint, DevOps and operations teams. You will identify risks, implement technical controls and help ensure that security measures work under real operational conditions., * Design, implement and improve security measures across network, server, endpoint, identity and cloud environments

• Analyze IT infrastructures for vulnerabilities, misconfigurations, attack paths and operational risks
• Operate, tune and improve security monitoring, including SIEM, log analysis and SOC-related workflows
• Investigate suspicious activity, anomalies and possible indicators of compromise
• Support incident response, including containment, root cause analysis, remediation and post-incident hardening
• Perform or coordinate vulnerability assessments, security reviews and penetration testing activities
• Prioritize vulnerabilities based on exploitability, exposure, business impact and operational criticality
• Develop secure configurations, hardening standards and baseline security controls
• Work on IAM, privileged access, MFA, role-based access and secure authentication concepts
• Secure cloud environments, hybrid infrastructures, endpoints, network segments and critical services
• Integrate security requirements into infrastructure, cloud, DevOps and IT projects
• Document risks, decisions, mitigations, dependencies and security standards in a structured way
• Translate technical findings into clear recommendations for engineering teams and management, If you want to take responsibility for enterprise security and work on technical defenses that have to withstand real-world pressure, we look forward to receiving your application as IT Security Engineer (m/f/d)., * Whether you have experience with SIEM, SOC, EDR, XDR or vulnerability management
• Which infrastructure, network or cloud environments you have secured
• Whether you have participated in incident response, security reviews or penetration testing
• Which security frameworks or certifications are relevant to your background
• Your earliest possible starting date
• Your salary expectations

You can apply directly through our career portal (https://jobs.expert-select.com/) ., Explore further vacancies through our jobs (https://jobs.expert-select.com/) . Review earning scenarios with our salary calculator (https://expert-select.com/brutto-netto-rechner-gehaltsrechner/) . Calculate hourly wage scenarios with our tool (https://expert-select.com/stundenlohnrechner/) . Learn more about industries and business areas through our overview (https://expert-select.com/branchen/) .

The requirements for this role are intentionally high. We are looking for a security professional who can take ownership, make sound technical decisions and contribute directly to the protection of productive systems., * Several years of experience as an IT Security Engineer, Cyber Security Engineer, Security Architect, Security Analyst, Security Consultant or System Engineer with a strong security focus

• Proven hands-on experience in securing productive enterprise environments
• Strong knowledge of network security, firewalls, segmentation, VPN, IDS/IPS, proxy technologies and secure network architectures
• Experience with endpoint protection, EDR/XDR, hardening, malware protection and detection concepts
• Practical experience with SIEM systems, log analysis, alert triage, security monitoring or SOC-related processes
• Strong understanding of modern attack techniques, privilege escalation, lateral movement, persistence mechanisms and common attacker behavior
• Experience in vulnerability management, including scanning, validation, prioritization, remediation tracking and risk-based reporting
• Knowledge of incident response methodology, containment strategies, forensic basics and post-incident improvement
• Strong understanding of Windows and Linux security in enterprise environments
• Experience with IAM, MFA, privileged access management and secure authentication
• Good understanding of cloud security in AWS, Microsoft Azure or Google Cloud
• Ability to assess risks across infrastructure, cloud, network, endpoint and application-related contexts
• Strong documentation skills and clear technical communication
• Very good German language skills, both written and spoken
• Good English skills for technical documentation, vendor communication and international security sources

A degree in computer science, IT security, information systems or a comparable technical field is an advantage. Practical security engineering experience is essential.

Strongly preferred experience

• Enterprise SIEM platforms, EDR/XDR tools, vulnerability scanners, IDS/IPS systems or cloud-native security tools
• Microsoft Defender, Sentinel, Splunk, QRadar, CrowdStrike, Tenable, Qualys, Rapid7, Palo Alto, Fortinet, Check Point or comparable technologies
• Security architecture, secure-by-design principles and technical security governance
• Zero Trust, network segmentation, conditional access and privileged access models
• Cloud security posture management, workload protection, identity security and secure landing zones
• DevSecOps, CI/CD security, secrets management, container security or Kubernetes security
• ISO 27001, BSI IT-Grundschutz, NIST, CIS Controls, GDPR or comparable frameworks
• Scripting or automation with Python, PowerShell, Bash or similar tools
• Certifications such as CISSP, CISM, CompTIA Security+, SSCP, CEH, OSCP, Microsoft Security or AWS Security

Why this role is demanding

Cyber security in enterprise environments is not theoretical. Systems are interconnected, identities are complex, cloud and on-premises components overlap, and business processes depend on availability.

In this role, you will deal with real attack surfaces, real vulnerabilities and real business impact. You must be able to distinguish critical risks from background noise, prioritize under pressure and communicate clearly when technical decisions affect operations.

This role is a strong fit if you already think in terms of attack paths, defense-in-depth, identity boundaries, monitoring quality, incident readiness and long-term hardening.

It is not suitable if your experience is mainly limited to first-level support, basic user administration, password resets, general IT coordination or theoretical security knowledge without hands-on responsibility for productive systems.

• Attractive compensation aligned with experience and technical responsibility
• Holiday and Christmas bonuses
• Assignment-related allowances where applicable
• Fixed employment contract with Expert Select GmbH
• Very strong opportunity to transition into the client's organization
• Professional development in cyber security, infrastructure and modern IT platforms
• Long-term perspective in a structured enterprise environment
• Clear contact persons and transparent recruitment process
• Professional communication without unnecessary delays
• Employee discounts for fitness, cinema, streaming and selected partner offers
• Team and company events

Through Expert Select GmbH (https://expert-select.de/) , you will be supported by a recruiting team that understands the importance of senior technical profiles and professional confidentiality in security-related roles.

For one of our clients, Expert Select GmbH is looking for an experienced IT Security Engineer (m/f/d) to protect complex, business-critical IT environments. This is not a general IT support role, not a junior position and not a compliance-only function. The focus is on hands-on security engineering, threat detection, vulnerability management, incident response and the continuous hardening of productive enterprise systems.